- Perm
- At least 8 years of experience in managing security for On-Prem Infrastructure and 5 years+ in DevSecOps/SecOps with Cloud environments (IaaS/PaaS/SaaS)
- Experienced in building an internal SOC team and/or managing MSSP.
- Strong communicator and experienced working with C-suite / senior management stakeholders.
Job Description
Cybersecurity Leadership and Risk Management
- Lead overall cybersecurity strategy, risk management, and incident response.
- Provide leadership to the enterprise’s information security organization.
- Collaborate with business stakeholders to raise awareness of risk management concerns.
- Assist in business technology planning, offering current knowledge and future vision of technology and systems.
- Regularly communicate at the executive/company level on global cybersecurity matters.
Governance / Audit / Risk / Compliance Management
- Lead, conduct, and liaise with internal and external auditors for periodic IT/security audits.
- Formalize risk management for business and IT through risk assessments.
- Propose investments in solutions to mitigate risks.
- Facilitate risk assessment and management processes with business units.
- Ensure compliance with local and global IT/cybersecurity regulations for shore offices, cloud environments, and vessels.
Project Initiatives
- Continuously survey and identify security gaps in infrastructure, cloud, and vessels.
- Propose and manage timelines, budgets, and scopes for IT security projects.
- Collaborate with stakeholders (internal/external) to enhance the company’s overall IT security posture using solutions like Bitsight, Watchtower, CSA, etc.
- Analyze risks and impacts during the implementation of new technologies.
Operations
- Own, develop, implement, and monitor a comprehensive enterprise information security and IT risk management program. This program should cover on-premises, cloud, and vessels globally across the group of subsidiaries.
- Drive ongoing cybersecurity awareness programs and campaigns (e.g., phishing, USB attacks) to enhance users’ awareness.
- Develop and enhance an information security management framework for the organization.
- Incident Response: Assume overall responsibility for incident response related to cyberattacks.
- BCP Initiatives: Collaborate with external vendors and internal IT management to design, develop, and implement cyber-related IT business continuity planning (BCP) initiatives (e.g., incident response, alternative workplace solutions, and strategies).
- Degree or Master’s Degree in a technology and/or cybersecurity related field required.
- Professional security management certification (CRISC, CISSP, CISM, & CISA, Qualified Information Security Professional, Certified Ethical Hacker, etc).
- Excellent written and verbal communication skills and high level of personal integrity.
- Excellent experience working and presenting to C-suite executives on cyber initiatives.
- Innovative thinking with strong people engagement skills with an ability to lead and motivate crossfunctional, interdisciplinary teams.
- Experience with contract and vendor negotiations and management including managed services.
- Experienced with working in organization that does in-house cloud native software development.
- Experience with security standards / processes in a Cloud computing/Elastic computing environment, especially in Azure.
- Strong business acumen required to comprehend and evaluate business scenarios, make informed decisions, and take the necessary steps to achieve the organization's goals. However, having experience in the shipping industry is not a requirement.
- Min. 8 years or more experience managing security for On-Prem Infrastructure and at least 5 years (DevSecOps/SecOps) with Cloud environments/instances (IaaS, PaaS & SaaS).
- Minimum of 8 to 10 years of experience in a combination of risk management, information security.
- Min. 5 years or more hands-on experience in evaluating, selecting, designing, and implementing various security processes, policies, and solutions.
- Experienced in building an internal SOC team and/or managing MSSP.
- Familiar with various data privacy and cybersecurity framework (e.g. NIST, ISO 27001/27002, SOC2, GDPR, OWASP, Mitre, etc). Experienced with BIMCO is a plus.
- Proficient with implementing and managing advanced and/or automated security solutions (e.g. IDS/IPS ,EDR/XDR, DLP, PIM/PAM, SIEM, SOAR, SASE, SWG, BAS, ..)
- Experienced with implementing various cybersecurity architecture, e.g. OSI, Zero Trust Architecture, etc across Cloud and on Prem environments, including Azure / AWS.
Triton AI Pte Ltd
Registration Number: R1980724
EA: 21C0661
- Perm
- Bonus
- Medical & Insurance Coverage
- Hybird Work Arrangements